Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.

OpenAI’s new ChatGPT file library makes saved files easier to reuse, but deleting a chat no longer deletes the files inside ...

If you’re wrangling financial data, the choice between PDF and CSV formats can seriously impact your workflow. PDFs look ...

Malicious LiteLLM 1.82.7–1.82.8 via Trivy compromise deploys backdoor and steals credentials, enabling Kubernetes-wide ...

After hacking Trivy, TeamPCP moved to compromise repositories across NPM, Docker Hub, VS Code, and PyPI, stealing over 300GB ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a ...

Privacy-conscious internet users already have to contend with typical websites acquiring private info and selling it to third-parties, and now there's AI.

Exclusive: Guardian investigation finds data from flagship medical research leaked dozens of times Confidential health data has been exposed online on dozens of occasions, a Guardian investigation can ...

A newly discovered attack sandbags Apple users into hacking themselves. Here’s what all Mac users need to know.

Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as ...